Solution

Summaries and Symptoms

This patch updates the service console package for net-snmp, net-snmp-utils, and net-snmp-libs to version net-snmp-5.0.9-2.30E.28. This net-snmp update fixes a divide-by-zero flaw in the snmpd daemon. A remote attacker could issue a specially crafted GETBULK request that could cause the snmpd daemon to fail. This vulnerability was introduced by an incorrect fix for CVE-2008-4309. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1887 to this issue. Note: After installing the patch ESX350-200901409-SG, running the snmpbulkwalk command with the parameter -CnX results in no output, and the snmpd daemon stops. This patch fixes the issue.